Re: issues raised at VPN interoperability workshop

[Will Fiveash <will@austin.ibm.com>]

On Tue, Feb 01, 2000 at 01:41:58PM -0500, Andrew Krywaniuk wrote:
> Since my box is only ever a commit bit responder, I don't really care
> whether an implementation is allowed to turn the commit bit off, SO LONG AS
> IT IS STANDARDIZED. I thought Dan's explanation at the town hall meeting was
> that clearing the commit bit in QM3 did not abdicate the responder from
> sending the C-N.

I agree with your statement concerning standardization.  More comments
follow below.

> >From Dan's Town Hall Summary:
> 
> >   * Can you clear the commit bit during phase 2?
> > 
> > Yes.
> > 
> >   * Is the commit bit even mandatory? If it's not and you 
> > don't support it
> >     what do you do if it's set in an offer? Refuse it?
> > 
> > It's mandatory.
> 
> In other words, you can clear the commit bit, but you can't refuse the
> offer.

Dan, can we change the draft-ieft-ipsec-ike-01.txt so that we get a
standardized way of interpreting the reflection or non-reflection of the
CB?  I think this will give impementors reasonable flexibility in that if
they do not want to implement CB they just have to make sure they don't
reflect the CB.  If they do support CB then they have to check for
reflection which is easy.

-- 
Will Fiveash

---

Follow-Ups:

• Commit Bit and SPI?
• From: Will Fiveash <will@austin.ibm.com>

References:

• RE: issues raised at VPN interoperability workshop
• From: Andrew Krywaniuk <akrywaniuk@TimeStep.com>

---

• Prev by Date: RE: issues raised at VPN interoperability workshop
• Next by Date: Notifications for failure in Config mode
• Prev by thread: RE: issues raised at VPN interoperability workshop
• Next by thread: Commit Bit and SPI?
• Index(es):
  • Main
  • Thread